Read about how security administrators protect their networks .
Category: Network Security
PenTest Edition: How SQL Injection Attacks Work Using Both Burp Suite and Sqlmap
In this tutorial, I'm using BurpSuite to grab cookie information from a user and feed it into an SQL injection attack using sqlmap. To perform this test attack, I'm using the Damn Vulnerable Web App (DVWA) as a SQL injection vulnerable web site/database. This is a free application you can download for testing. As a ...
PenTest Edition: Go from Beginner to Advanced with nmap
Network Mapper, otherwise known as "nmap," is a powerful open-source program, perfect for conducting reconnaissance and enumeration. Yes, nmap is well-known for this purpose and it's included in every whitehat-to-blackhat's toolbox for that very reason; however, I want to point out that it has many other uses as well. For instance, a network administrator may ...
The Sony Pictures Entertainment Hack: A Look at the Evidence We Have
Note: Much of this information comes from an official affidavit, The United States of America vs. Park Jin Hyok, also known as ("aka") "Jin Hyok Park," aka "Pak Jin Hek," (United States District Court for the Central District of Caliornia June 8, 2018). If you want to review the entire 179-page document, it's available at https://www.justice.gov/opa/press-release/file/1092091/download. The ...
Security Researchers Confirm an Additional 7,500 Hacked MikroTik Routers Spying on Network Traffic
MikroTik is a Latvian company which was founded in 1996 to develop routers and wireless ISP systems. The company is predominantly known for its RouterOS software system. With distributors located all around the world, including the United States, MikroTik should sound fairly familiar even though this is primarily a Cisco-dominant networking world. In July, researchers ...
PenTest Edition: Creating an Evil Twin or Fake Access Point on Your Home Network Using Aircrack-ng and Dnsmasq [Part 2 – the Attack]
If you haven't already begun the initial startup, you'll need to go back to PenTest Edition: Creating an Evil Twin or Fake Access Point on Your Home Network Using Aircrack-ng and Dnsmasq [Part 1 - Setup] and update Aircrack-ng and configure the dnsmasq configuration file. After that, you can come back here and begin the ...
The Cybersecurity Man 